8 matches found
Apache ShenYu Admin Authentication Bypass (CVE-2021-37580)
A authentication bypass vulnerability exists in the Apache ShenYu Admin. The vulnerability is due to improper handling of the incoming HTTP requests...
org.apache.shenyu:shenyu-admin-dist (=2.4.0) potentially affected by CVE-2021-37580 via org.apache.shenyu:shenyu-admin (=2.4.0)
org.apache.shenyu:shenyu-admin MAVEN version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.shenyu:shenyu-admin and may be impacted: - org.apache.shenyu:shenyu-admin-dist =2.4.0 Source cves: CVE-2021-37580 Source advisory:...
CVE-2021-37580
creationtimestamp| type| source ---|---|--- 2021-11-17 13:31:40+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/868 2021-11-18 00:23:00+00:00| published-proof-of-concept| https://t.me/hackertrick/440 2021-11-20 06:56:13+00:00| published-proof-of-concept| https://t.me/BlueRedTeam/119...
Exploit for Improper Authentication in Apache Shenyu
CVE-2021-37580 0x00 Vulnerability Details Vulnerability...
Exploit for Improper Authentication in Apache Shenyu
Apache ShenYu Admin has a vulnerability that allows for authenti...
CVE-2021-37580
A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and 2.4.0...
CVE-2021-37580 Apache ShenYu Admin bypass JWT authentication
A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and 2.4.0...
CVE-2021-37580
Apache ShenYu Admin (ShenyuAdminBootstrap) contains an authentication bypass flaw due to the incorrect use of JWT, affecting ShenYu 2.3.0 and 2.4.0. The vulnerability can allow an attacker to bypass authentication and gain admin access, with high-severity CVSS scores (3.1: CRITICAL, base score 9....